xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz Puny
бк-леонбет-зеркало5.xyz IDN
2a06:98c1:3121::7  Public Scan

Submitted URL: https://www.xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Effective URL: https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
Submission: On April 15 via automatic, source rescanner — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 6th 2022. Valid for: a year.
This is the only time xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... ()
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
11 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
20 4
Domain Requested by
11 xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
8 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
1 xn----4-7cdcb1abbt1ahgiwpj6a8a.xyz 1 redirects
1 xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz 1 redirects
1 www.xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz 1 redirects
20 6

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-04-06 - 2023-04-05 | a year
upload.video.google.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months

This page contains 1 frames:

Primary Page: https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
Frame ID: 0D22EF0A744BBF2A1CF920F7C642099A
Requests: 25 HTTP requests in this frame

Page Title

Бк Леонбетс зеркало работающее, официальный сайт leonbets, Леон ставки

Page URL History

  1. https://www.xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/ HTTP 301
    https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/ HTTP 301
    https://xn----4-7cdcb1abbt1ahgiwpj6a8a.xyz/ HTTP 301
    https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 100 %
Domains: 5
Subdomains: 6
IPs: 4
Countries: 2
Transfer: 682 kB
Size: 1964 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/ HTTP 301
    https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/ HTTP 301
    https://xn----4-7cdcb1abbt1ahgiwpj6a8a.xyz/ HTTP 301
    https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
Redirect Chain
  • https://www.xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
  • https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
  • https://xn----4-7cdcb1abbt1ahgiwpj6a8a.xyz/
  • https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
148 KB
27 KB
Document
General
Full URL
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b90073fa623fa5dc85e19d5293ae0b0f7de131921a2883723b241c21bca6888

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6fc0c8ebff275a31-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 01:07:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhG4%2BD9AamAt76rQ0aj%2FRTTultooX59DsCf27Qfxht3wotsG06PQ%2B50ymXZUX2zUOi8RMwozvi%2Bjke%2FZ9R49I9eIvZirlWogYhuxs4AuEsxFlLqHm%2FmA31g2jiVe3XUoakLmizXdFacxEejIMsgP%2BYFA3zejG141xdQn4MYqeOPD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-ray
6fc0c8eb6be60f6e-MXP
date
Fri, 15 Apr 2022 01:07:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Fri, 15 Apr 2022 02:07:31 GMT
location
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOP5dO4zaHeSN6cCzUbU%2BUXtXTtmU0SrsbGEYnynkcnJDy5MQSNDdjwT6OxNAhoMZmzbYSDCad7jR36A1c%2F0VpmkqClHHUDiDilAbbJOSPjibIxc%2BdDMw6QKDmk%2BE1nQkc8JLpC74kp4ctQqUEeyHXMYViqLG6WQpEBpeyZPX8AD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
af73a7114692c4b0e353fb935b2450b6.css
xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/
638 KB
85 KB
Stylesheet
General
Full URL
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/af73a7114692c4b0e353fb935b2450b6.css
Requested by
Host: xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8cc5386bf4b59a28776e8d799a46ab579fb9f4c3e3bcb3162583fa019055c26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:07:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
175
cf-polished
origSize=654143
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 08 Apr 2022 15:12:32 GMT
server
cloudflare
etag
W/"625050e0-9fb3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IBA%2FmsLsEhA8DUF4Unpm4IL6sN9uN6M6sgYdYCi6Gq%2BLPBUO%2BqPvwLH%2BPD6JXUYBubFQIQsCDwMuGq5C6JDvfK%2FDGWe8SLSO3QTWTyzsk28%2FTe%2FmNUaDyYtpCz6nOdOdFCsVpFoVxmbnZe%2BI3Yd3KMgCucnigFanN8%2FWkBOB2uN"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
6fc0c8ee49db5a31-MXP
expires
Sat, 16 Apr 2022 01:04:37 GMT
css
fonts.googleapis.com/
45 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.9.3
Requested by
Host: xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7704a426bb652eb325a4b69aaa2f1d882922992770ba78fc909c57267f2cda92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 00:35:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 15 Apr 2022 01:07:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Apr 2022 01:07:32 GMT
email-decode.min.js
xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:07:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 11:16:45 GMT
server
cloudflare
etag
W/"62555f9d-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDcHlYYp0eg%2Fb6suah1USMGJ2n%2BoFtwgnnM4wjfujbzicQoCpKH3SdfHSrEbaul%2BX2XUcwJQdg8e2I89voVocU6VrP6AuPd6ZGJ3nyn8vcVrWzJTkfnOWvSNpBFDNRlY2f0hMJVPVQz4C301w%2FEYcVHpREV4GF2S%2FYj%2BP3BhmJwq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fc0c8ee49e15a31-MXP
vary
Accept-Encoding
expires
Sun, 17 Apr 2022 01:07:32 GMT
jquery.min.js
xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:07:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
175
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 26 Mar 2022 21:47:34 GMT
server
cloudflare
etag
W/"623f89f6-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5uPyZeaUoYccW9JNiNBNT24ndXg2lS1%2BBYAxva5O9Az9r5Dv3quMYZv3iaLGLld78kb8Khqde%2FD0wUWJg7aWraoizzdzuNAbYySIH2YBSrZPSwceVtA%2FzGl32wKVe5GKKcdTYAn%2BWTlBBTDoR3vvCwFy%2FtjG1Uft%2F7SzHMObDN9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
6fc0c8ee59ef5a31-MXP
expires
Sat, 16 Apr 2022 01:04:37 GMT
lazyload.min.js
xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/
8 KB
3 KB
Script
General
Full URL
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:07:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
175
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 26 Mar 2022 21:47:33 GMT
server
cloudflare
etag
W/"623f89f5-1ed2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDCPCh3WsGMi44%2FzIKqfDROOLfj1w6C5AlOlB5QTSCSopJcFwdxzMNj17SQcrFYxviUVaSypEUNgiJSioazvf%2BjMCSxRW2CHU5H%2BWhE7VSnySACTIEAQyhxVIfHEUS0SPpw1ZOrCJ24J%2F%2FOJYwc1%2BSrXURRs8KHkg5NJ0Oq43%2Bj5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
6fc0c8ee59f05a31-MXP
expires
Sat, 16 Apr 2022 01:04:37 GMT
c436a2071cf90b3d70a84e4709fb0e8c.js
xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/
676 KB
169 KB
Script
General
Full URL
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/c436a2071cf90b3d70a84e4709fb0e8c.js
Requested by
Host: xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6126262d3e147133dee0a26a67e2ba3f2c29696f2613acb76b6c192788e108f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:07:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
175
cf-polished
origSize=691916
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 08 Apr 2022 15:12:32 GMT
server
cloudflare
etag
W/"625050e0-a8ecc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8KbBwwXmZgsC%2BmvehSBAU%2BLLjJ06wUg1JotpMqgiPPkXX6lKkDEPKm0r8i9sPf2D%2FxKC2j0OFvMXtd5u9y%2B3TyjwxYWDNbpIUkTKewDpZDyuIl%2BHPufMN%2Fdo3KIVnRWJRWwjZn0G6NKy4skM30r1AzbUIZ3%2Fw23L%2FnsjO%2B0065P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
6fc0c8ee59f25a31-MXP
expires
Sat, 16 Apr 2022 01:04:37 GMT
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e1ac0917893632cacc3840c9ba2317661508a5197a7853bae304b556271477f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62a816655d1b8bf20887b55d0b3884828e772f07fc94b9551757b585d5634cdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c90776a25f687eaae2209b1ae8dbcf55ee83fd0a4f955775bd55f38b18c9de3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
483784ecdf80ccaffd50869e23e2efdbeed9343b1b4c7dae837667e4984a68a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bca71285d96c3d92bd595dbd9df29c35652f0b1afdc72ed77f9aee73283928b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 10:03:58 GMT
x-content-type-options
nosniff
age
140614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Apr 2023 10:03:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 14:02:01 GMT
x-content-type-options
nosniff
age
212731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 14:02:01 GMT
fa-solid-900.woff2
xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/
76 KB
77 KB
Font
General
Full URL
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/af73a7114692c4b0e353fb935b2450b6.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/af73a7114692c4b0e353fb935b2450b6.css
Origin
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:07:32 GMT
cf-cache-status
HIT
last-modified
Sat, 26 Mar 2022 21:47:33 GMT
server
cloudflare
age
174
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmY4fi%2Fblzs2Xdafq7D59nJdLPq5Okj%2FvTjcVS7VZlMqDkdOUTjQB60wLdq8wievXrL8EnWuBnR%2FxdoU37WJo392lQGwV1RBlfen4JKTRW7AabvHumMHFoXxJDX1lNI32yb%2B4BmK0w7lTPxBb4cFKtLQ1iU%2FjvA%2FKJIK02UekSlt"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fc0c8f00f0a83a8-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fa-brands-400.woff2
xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/
75 KB
76 KB
Font
General
Full URL
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/af73a7114692c4b0e353fb935b2450b6.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/af73a7114692c4b0e353fb935b2450b6.css
Origin
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:07:32 GMT
cf-cache-status
HIT
last-modified
Sat, 26 Mar 2022 21:47:33 GMT
server
cloudflare
age
174
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBbMk%2Fr4uryXInvO6BRdYcex6GBuc00ZCC42G11Ou1yQuuwgAwmgA9bmNYznZV9PvVOk1oaQTj6viBqrzVp8c5rYJ0YTixNwIsIeom4t0EeyRUX3zADIF5E99QGR0gfUuqZwL4d%2BaAf%2Be7aRqQKcxpygk9MQ8EE6c9iDnux8PBx7"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fc0c8f00f0e83a8-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 07:29:47 GMT
x-content-type-options
nosniff
age
581865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 08 Apr 2023 07:29:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 01:46:21 GMT
x-content-type-options
nosniff
age
602471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Apr 2023 01:46:21 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.9.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:56:19 GMT
x-content-type-options
nosniff
age
112273
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Apr 2023 17:56:19 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.9.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 21:15:28 GMT
x-content-type-options
nosniff
age
273124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17004
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 11 Apr 2023 21:15:28 GMT
KFOjCnqEu92Fr1Mu51TzBic-CsTKlA.woff2
fonts.gstatic.com/s/roboto/v29/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic-CsTKlA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.9.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdf807ebbe9d0ed29fb79a69096514e260a236b3b68e51e9a21aad536c622587
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 01:59:48 GMT
x-content-type-options
nosniff
age
601664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10144
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Apr 2023 01:59:48 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.9.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 18:07:18 GMT
x-content-type-options
nosniff
age
111614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Apr 2023 18:07:18 GMT
cropped-cropped-cropped-logo-leonbet.png
xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/uploads/2021/07/
7 KB
8 KB
Image
General
Full URL
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/uploads/2021/07/cropped-cropped-cropped-logo-leonbet.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6f6d948675ba269577f0300fcefeba56985ef4a9c035dea021f343edf199faa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7182
last-modified
Sat, 26 Mar 2022 21:47:34 GMT
server
cloudflare
etag
"623f89f6-1c0e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0w2Vm6HARcN4G8oWyHvw759z5N59uWH0IA9ptaJgjyiZNow2%2FSeJe%2F2R2rVXv68ibfZIzDBgnMKEmcWx%2F2zzp3AGTCLoZ1r%2BjShZQUOPKzIK5ypm18U2cqIebZIXtEeuNIZUETeVpAdGanUxAB0v3jSGPcL6Y7FblfRYWKC1gpWJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6fc0c8f1c93e83a8-MXP
expires
Sat, 16 Apr 2022 01:04:38 GMT
%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B8%CC%86-%D1%81%D0%B0%D0%B8%CC%86%D1%82-%D0%BB%D0%B5%D0%BE%D0%BD-1024x496.jpg
xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/uploads/2021/09/
64 KB
65 KB
Image
General
Full URL
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/uploads/2021/09/%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B8%CC%86-%D1%81%D0%B0%D0%B8%CC%86%D1%82-%D0%BB%D0%B5%D0%BE%D0%BD-1024x496.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
883b12f8684bb1c0e38e17d5b8f6f6bce6ea5671f32a22d0af1a071d068e97f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65978
last-modified
Sat, 26 Mar 2022 21:47:34 GMT
server
cloudflare
etag
"623f89f6-101ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9W0oVHMR1xHr4vmaFAl2kDb2VbhlzDIzfgaofLvd70oLUzbsBkIA%2Ft7l%2BMtKEX1AbJult1ZyeU16ag5u40LZXOwjRrFBVYBFHod14CCrjzH3aC126054oyL9bxPEhBCEJewn107gdQZktQFuJ9qHi9RCS%2FTF7Wu6DqMSxXgS6JH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6fc0c8f1c94083a8-MXP
expires
Sat, 16 Apr 2022 01:04:38 GMT
unnamed-file.png
xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/uploads/2021/07/
35 KB
36 KB
Image
General
Full URL
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/uploads/2021/07/unnamed-file.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3e9ee869a43b469f5c007a3f413f113857cc28da0af92075efbc79a0f435be6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn----5-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36315
last-modified
Sat, 26 Mar 2022 21:47:34 GMT
server
cloudflare
etag
"623f89f6-8ddb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATWYu6T65m%2B%2Fv8F1RuF9coTRHgye6KkM%2FfZxXGbK2cJ%2BH5WQfnotEucC7e%2FRQvaqYQwzYN4E%2BKKR50%2F4BsS8niBsLFj3yGdzPnn0UWIlmjVd8A6yw9%2B%2BMoXtCXjmwILPoUNSaofWpyE47uGI13rWwBLjYmleQFVIVgC4PK0fbKdK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6fc0c8f1c94283a8-MXP
expires
Sat, 16 Apr 2022 01:04:38 GMT

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| astra function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| ElementorProFrontendConfig object| elementorFrontendConfig object| lazyLoadOptions function| LazyLoad undefined| $ function| jQuery function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| lazyLoadThumb function| lazyLoadYoutubeIframe function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle object| webpackChunkelementor_pro object| webpackChunkelementor object| __core-js_shared__ object| core object| elementorModules object| elementorProFrontend function| Waypoint function| Swiper function| ShareLink object| DialogsManager object| regeneratorRuntime object| elementorFrontend function| Sticky object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy

0 Cookies

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Their presence here does not imply that any of them indicate malicious activity.
